[colug-432] Malware
Thomas W. cranston
cranston.thomas at gmail.com
Fri Jun 24 12:01:56 EDT 2011
On 06/24/2011 08:34 AM, Seth Hall wrote:
> On Jun 24, 2011, at 1:46 AM, Richard Hornsby wrote:
>
>
>> People hate to hear that, and they get kind of mad at me - but that is my professional and personal opinion from my support days, and from my discussions with the really smart people who know more than me about this stuff at Ohio State.
>>
>
> I got to be one of those people at Ohio State telling this to people over and over and over for a number of years. In the security group, we got to the point where we would just automatically detect a continued compromise based on network traffic and the admins would continue to receive emails from us every day until the computer was actually "clean".
>
> When you're watching 60k - 80k computers you have to automate some amount of it. :)
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro-ids.org/
>
> rt
Somewhat found an answer to my question. The malware is Conficker. It
prevents a computer from connecting to any AV site. You detect it by using
the Conficker Eye Chart.
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html.
I will also consider the additional advice from COLUG.
http://en.wikipedia.org/wiki/Conflicker
The winders box is running 98SE w/Norton 2000 AV. I updated for many
years until the update did not work. I figured they cut me off, as I had
never paid for the annual service. I rarely get out on the web with it.
I am going to http://www.malwarebytes.org/ and download. I am wondering
if I will have any conflicts w/Norton.
Tom